package com.dongdongshop.shiroconfig;

import com.dongdongshop.pojo.TbAdmin;
import com.dongdongshop.pojo.TbSeller;
import com.dongdongshop.service.TbAdminService;
import com.dongdongshop.service.TbSellerService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class Realm extends AuthorizingRealm {

    //注入用户service
    @DubboReference
    private TbSellerService tbSellerService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("进入授权方法");
        //查询登录用户客户管理权限
//        TPerson person =  (TPerson)SecurityUtils.getSubject().getPrincipal();
//        List<String> s = menuServiceI.showbyname(person.getPid());
//        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        List<String> list = new ArrayList<>();
//        list.add("Person_list");
//        info.addStringPermissions(s);
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("进入认证方法");
        //根据账号查出用户数据
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //自定义数据中账号密码
        TbSeller tbSeller = tbSellerService.findTbAdminByName(token.getUsername());
        //填写shiro判断账号密码逻辑
        //1.判断用户名
        if (tbSeller == null) {
            //账号未注册
            //我们只需要return一个null,shiro底层会抛出UnknownAccountException
            return null;
        }
        //2.判断密码
        return new SimpleAuthenticationInfo(tbSeller, tbSeller.getPassword(), ByteSource.Util.bytes(tbSeller.getBrief()), tbSeller.getSellerId());
    }
}
